Main Menu

Legal Blogs and Updates

Print PDF
Cyber Incident Exposes Potential Vulnerabilities Onboard Commercial Vessels

In February of 2019, a deep draft vessel reported that it was experiencing a significant cyber incident impacting their shipboard network. There has been no information regarding who instigated the attack but an interagency team of cyber experts stated that the damage had no effect on the vessel’s seaworthiness, finding that “although the malware significantly degraded the functionality of the onboard computer system, essential vessel control systems had not been impacted.” The team also confirmed that the vessel was not operating with cybersecurity measures in place. Surprisingly, the security risks were well-known among crewmembers, yet the issues were never addressed. Although it is unknown whether this vessel is indicative of the state of cybersecurity measures onboard ships of this kind as a whole, this attack is a wake-up call to the entire shipping community: “it is imperative that the maritime community adapt to changing technologies.”

The U.S. Coast Guard has offered several recommendations to protect onboard networks, including: segment networks; implement per-user profiles and passwords; exercise caution with external media; use antivirus software; and install patches. Furthermore, it is strongly recommended that “all vessel and facility owners and operators conduct cybersecurity assessments to better understand the extent of their cyber vulnerabilities.”

  • Partner

    Karen Randall is founder and chair of the Cybersecurity and Data Privacy practice, co-chair of the Professional Liability practice and a senior trial counsel at Connell Foley. She represents clients in complex litigation, and ...

Archives

Back to Page